Cybersecurity Essentials: Course Final Exam Answers

Course Completion Assessment & Survey

Cybersecurity Essentials: Course Final Exam Answers

1. Which of the following statements describes a distributed denial of service (DDoS) attack?

  • An attacker sends an enormous quantity of data that a server cannot handle, using a botnet
  • An attacker builds a botnet comprised of zombie devices
  • A computer accepts data packets based on the MAC address of another computer
  • An attacker views network traffic to gain access to authentication credentials

Explanation: An attacker builds a network of infected hosts, called a botnet, comprised of zombies. Zombies are the infected hosts. The attacker uses handler systems to control the zombies. The zombie computers constantly scan and infect more hosts, creating more zombies. When ready, the hacker instructs the handler systems to make the botnet of zombies carry out a DDoS attack.

2. Which of the following is a nontechnical method often used by cybercriminals to gather sensitive information about an organization?

  • Pharming
  • Man-in-the-middle
  • Ransomware
  • Social engineering

Explanation: A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

3. What do you call an impersonation attack that takes advantage of a trusted relationship between two systems?

  • Spamming
  • Man-in-the-middle
  • Spoofing
  • Sniffing

Explanation: In spoofing attacks, hackers can disguise their devices by using a valid address from the network and therefore bypass authentication processes. MAC addresses and IP addresses can be spoofed and can also be used to spoof ARP relationships.

4. A penetration test carried out by an organization identified a backdoor on the network. What action should the organization take to find out if their systems have been compromised?

  • Scan the systems for viruses
  • Look for unauthorized accounts
  • Look for policy changes in Event Viewer
  • Look for usernames that do not have passwords

Explanation: If a penetration test is successful, the corporation should check to locate vulnerabilities in the network and also check to see if there are new unauthorized accounts.

5. Several @Apollo employees have reported that the network access is slow. After investigation, the network administrator has learned that one employee downloaded a third-party scanning program for the printer. What type of malware might have been introduced that is causing slow performance of the network?

  • Spam
  • Phishing
  • Worm
  • Virus

Explanation: Worms are malicious code that replicates by independently exploiting vulnerabilities in networks. Worms usually slow down networks. Whereas a virus requires a host program to run, worms can run by themselves. Other than the initial infection, worms no longer require user participation. After a worm affects a host, it is able to spread very quickly over the network. Worms share similar patterns. They all have an enabling vulnerability, a way to propagate themselves, and they all contain a payload.

6. Which of the following is a feature of a cryptographic hash function?

  • The output has a variable length
  • Hashing requires a public and private key
  • The hash input can be calculated given the output value
  • The hash function has a one-way mathematical function

Explanation: A cryptographic hash function has the following properties:
The input can be any length.
The output has a fixed length.
The hash function is one-way and is not reversible.
Two different input values will almost never result in the same hash.

7. Before data is sent out for analysis, what technique can be used to replace sensitive data in non-production environments to protect the underlying information?

  • Steganalysis
  • Data masking substitution
  • Software obfuscation
  • Steganography

Explanation: Technologies exist to confuse attackers by changing data and using techniques to hide the original data.

8. Which of the following processes are examples of logical access controls? (Select three correct answers)

  • Biometrics to validate physical characteristics
  • Firewalls to monitor traffic
  • Swipe cards to allow access to a restricted area
  • Guards to monitor security screens
  • Fences to protect the perimeter of a building
  • Intrusion detection system to watch for suspicious network activity

Explanation: Logical access controls includes but is not limited to the following:
Smart cards
Access Control Lists (ACLs)
Intrusion Detection Systems (IDS)

9. Which of the following technologies can be implemented as part of an authentication system to verify the identity of employees? (Select two correct answers)

  • A fingerprint
  • A SHA-1 hash
  • A smart card reader
  • A mantrap

Explanation: A username is the most common method used to identify a user. A username can be an alphanumeric combination, a personal identification number (PIN), a smart card or biometric — such as a fingerprint, retina scan or voice recognition.

10. Two @Apollo employees use the same password to log in to the network, which means that both people have the exact same hash for their passwords. What could be implemented to prevent this?

  • RSA
  • Peppering
  • Pseudo-random generator
  • Salting

Explanation: A password is stored as a combination of both a hash and a salt.

11. What term is used to describe the science of making and breaking secret codes?

  • Spoofing
  • Cryptography
  • Jamming
  • Factorization
  • Impersonation

Explanation: Cryptology is the science of making and breaking codes to make sure that cyber criminals cannot easily compromise protected information.

12. You are using a public key encryption to exchange a message with one of your colleagues. Which key should you use to encrypt your message?

  • Your colleague’s public key
  • Your public key
  • Your colleague’s private key
  • Your private key

13. Which of the following are states of data? (Select three correct answers)

  • Data in transit
  • Data in process
  • Data in storage
  • Decrypted data
  • Purged data
  • Encrypted data

Explanation: The three possible data states:
Data in transit.
Data at rest or in storage.
Data in process.

14. Passwords, passphrases and PINs are examples of which of the following security terms?

  • Authentication
  • Authorization
  • Access
  • Identification

Explanation: Authentication methods are used to strengthen access control systems. It is important to understand the available authentication methods.

15. Which of the following hashing technologies requires the exchange of keys?

  • MD5
  • AES
  • Salting
  • HMAC

Explanation: The difference between HMAC and hashing is the use of keys.

16. What type of cipher encrypts plaintext one byte or one bit at a time?

  • Block
  • Elliptical
  • Enigma
  • Stream
  • Hash

Explanation: Stream ciphers encrypt plaintext one byte or one bit at a time, and can be much faster than block ciphers.

17. You have a large amount of data that needs to be kept confidential. What algorithm would best meet your requirement?

  • Diffie-Hellman
  • RSA
  • ECC
  • 3DES

Explanation: Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

18. Which 128-bit block cipher encryption algorithm does the U.S. government use to protect classified information?

  • Skipjack
  • AES
  • Vigenere
  • Caesar
  • 3DES

Explanation: The Advanced Encryption Standard (AES) is used to protect classified information by the U.S. government and is a strong algorithm that uses longer key lengths.

19. You have been asking to implement a data integrity program to protect data files that need to be electronically downloaded by @Apollo employees. You decide to use the strongest hashing algorithm available. Which hash algorithm would you choose?

  • AES
  • SHA-256
  • MD5
  • SHA-1

Explanation: AES is a strong algorithm that uses longer key lengths. AES is faster than DES and 3DES, so it provides both a solution for software applications as well as hardware use in firewalls and routers.

20. What type of access control do smart cards and biometrics provide?

  • Technological
  • Administrative
  • Logical
  • Physical

Explanation: Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

21. What name is given to the method that tries all possible password combinations until a match is found?

  • Cryptographic
  • Brute force
  • Birthday
  • Dictionary
  • Cloud
  • Rainbow tables

Explanation: Two common methods of cracking hashes are dictionary and brute force. Given time, the brute force method will always crack a password.

22. Which wireless standard made AES and CCM mandatory?

  • WPA
  • WEP2
  • WPA2
  • WEP

Explanation: Wireless security depends on several industry standards and has progressed from WEP to WPA and finally WPA2.

23. Which of the following protocols would you use to provide security for employees that access an organization’s systems remotely from home?

  • WPA
  • SCP
  • Telnet
  • SSH

Explanation: Various application layer protocols are used to for communications between systems. A secure protocol provides a secure channel over an unsecured network.

24. Mutual authentication can prevent which type of attack?

  • Wireless IP spoofing
  • Wireless sniffing
  • Man-in-the-middle
  • Wireless poisoning

Explanation: A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

25. @Apollo permits employees to work from home. Which technology should be implemented to ensure data confidentiality as it is transmitted?

  • SHS
  • RAID
  • VLANs
  • VPN

Explanation: Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.

26. Which of the following protocols use the Advanced Encryption Standard (AES)? (Select two correct answers)

  • WEP
  • WPA
  • EAP
  • TKIP
  • WPA2

Explanation: Various protocols can be used to provide secure communication systems. AES is the strongest encryption algorithm.

27. What does the term BYOD mean?

  • Bring your own decision
  • Buy your own device
  • Bring your own device
  • Baseline your own disaster

Explanation: The term bring-your-own-device is used to describe mobile devices such as iPhones, smartphones, tablets, and other devices

28. What solution should be used to enforce the security policy that a computing device must be updated with the latest antimalware software before it can connect to an organization’s network?

  • NAC
  • VPN
  • SAN
  • NAS

Explanation: A cybersecurity specialist must be aware of the technologies available to enforce its organization’s security policy.

29. You have been asked to work with fellow @Apollo employees to improve data integrity during initial data entry and data modification operations. Several staff members ask you why the new data entry screens limit the types and size of data that can be entered into specific fields. You explain that this is a data integrity control. What does this mean?

  • A limitation rule which has been implemented to prevent unauthorized staff from entering sensitive data
  • Data encryption operations that prevent any unauthorized users from accessing sensitive data
  • Data entry controls which only allow entry staff to view current data
  • A validation rule which has been implemented to ensure completeness, accuracy and consistency of data

Explanation: Data integrity deals with data validation.

30. As part of the cybersecurity team at @Apollo, you want to verify the identity of each client looking to log on to our website to pay the money they owe. Which technology would you implement to authenticate and verify such electronic transactions?

  • Symmetric encryption
  • Asymmetric encryption
  • Digital certificates
  • Data hashing

Explanation: Digital certificates protect the parties involved in secure communications.

31. What Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?

  • The Computer Management tool
  • The Event Viewer Security log
  • The Local Security Policy tool
  • The Active Directory Security tool

Explanation: A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities. Local Security Policy, Event Viewer, and Computer Management are Windows utilities that are all used in the security equation.

32. What technology should you implement to ensure that an individual cannot later claim that he or she did not sign a given document?

  • Digital certificate
  • Digital signature
  • HMAC
  • Asymmetric encryption

Explanation: A digital signature is used to establish authenticity, integrity, and nonrepudiation.

33. The X.509 standard defines which of the following security technologies?

  • Security tokens
  • Digital certificates
  • Biometrics
  • Strong passwords

Explanation: Digital certificates protect the parties involved in a secure communication

34. Being able to maintain availability during disruptive events describes which of the principles of high availability?

  • Single point of failure
  • Uninterruptible services
  • Fault tolerance
  • System resiliency

Explanation: High availability can be achieved by eliminating or reducing single points of failure, by implementing system resiliency, and by designing for fault tolerance.

35. What protection does a one meter high fence provide?

  • The fence deters determined intruders
  • The fence offers limited delay to determined intruders
  • The fence deters casual trespassers only
  • The fence prevents casual trespassers

Explanation: Security standards have been developed to assist organizations in implementing the proper controls to mitigate potential threats. The height of a fence determines the level of protection from intruders

36. When comparing biometric systems, what is the crossover error rate?

  • The point at which the rate of acceptability and the rate of false negatives converge
  • The point at which the rate of false positives and the acceptability rate are the same
  • Where the rate of rejection and the rate of false negatives meet
  • The point at which the rate of false negatives and the rate of false positives are the same

Explanation: In comparing biometric systems, there are several important factors to consider including accuracy, speed or throughput rate, and acceptability to users.

37. Your organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?

  • Limiting access to the data on the systems
  • Stronger encryption systems
  • Remote access to thousands of external users
  • Improving reliability and uptime of the servers

Explanation: System and data availability is a critical responsibility of a cybersecurity specialists. It is important to understand the technologies, process, and controls used to provide high availability.

38. Which of the following is considered a natural disaster?

  • An earthquake
  • A power failure
  • Water damage resulting from sprinkler failure
  • A labor strike

39. Keeping data backups offsite is an example of which type of disaster recovery control?

  • Corrective
  • Preventive
  • Detective
  • Management

Explanation: A disaster recovery plan enables an organization to prepare for potential disasters and minimize the resulting downtime.

40. Which of the following is a critical step when carrying out a business impact analysis (BIA)?

  • Determining if a warm or hot site will be used
  • Creating a vendor contact list
  • Identifying acceptable recovery times
  • Documenting application vulnerabilities

41. What is an example of a business continuity plan?

  • Identifying critical business processes, resources and relationships between systems by focusing on the consequences of an interruption to critical business functions
  • Getting critical systems to another location while the repair of the original facility is underway
  • Ensuring critical systems are online during a disaster
  • Identifying and analyzing potential events that may negatively impact an organization’s assets

Explanation: A business continuity plan (BCP) is a broader plan than a disaster recovery plan (DRP) because it can include getting critical systems to another location while the repair of the original facility is underway. In such a scenario, personnel continues to perform all business processes in an alternate manner until normal operations resume.

42. What values are required to calculate annual loss expectancy? (Choose two correct answers)

  • Single loss expectancy
  • Asset value
  • Frequency factor
  • Annualized rate of occurrence
  • Exposure factor

Explanation: Single loss expectancy, annualized rate of occurrence, and annualized loss expectancy are used in a quantitative risk analysis

43. @Apollo wants to adopt a labeling system based on the value, sensitivity and criticality of the information it handles. What element of risk management would you recommend?

  • Asset availability
  • Asset standardization
  • Asset classification
  • Asset identification

Explanation: One of the most important steps in risk management is asset classification.

44. An organization has installed antimalware. What type of security control is this?

  • Detective control
  • Deterrent control
  • Compensative control
  • Recovery control

Explanation: A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

45. In which of the following situations would a detective control be warranted?

  • When an organization needs to repair damage
  • When an organization cannot use a guard dog and must therefore consider alternative control options
  • To restore an organization’s system to a normal state after experiencing a breach
  • When an organization needs to identify prohibited activity

Explanation: Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

46. An organization only installs applications that meet its guidelines, and administrators increase security by eliminating all other applications. What is this called?

  • Asset availability
  • Asset identification
  • Asset classification
  • Asset standardization

Explanation: An organization needs to know what hardware and software are present as a prerequisite to knowing what the configuration parameters need to be. Asset management includes a complete inventory of hardware and software. Asset standards identify specific hardware and software products that the organization uses and supports. When a failure occurs, prompt action helps to maintain both access and security.

47. What risk mitigation strategy includes outsourcing services and purchasing insurance?

  • Risk transfer
  • Risk reduction
  • Risk acceptance
  • Risk avoidance

Explanation: Risk mitigation lessens the exposure of an organization to threats and vulnerabilities by transferring, accepting, avoiding, or taking an action to reduce risk.

48. Which framework would you recommend for establishing a comprehensive information security management system in an organization?

  • ISO/IEC 27000
  • ISO OSI model
  • NIST/NICE Framework
  • CIA Triad

Explanation: A cybersecurity specialist needs to be familiar with the different frameworks and models for managing information security.

49. An organization does not have a blueprint for its cybersecurity program. What type of policies does it need to develop?

  • Acceptable use policies
  • Issue-specific policies
  • System-specific policies
  • A master cybersecurity policy

Explanation: Master cybersecurity policy: The blueprint for an organization’s cybersecurity program, this policy serves as the strategic plan for implementing cybersecurity controls.

50. What national resource was developed as a result of a U.S. Executive Order following a ten-month collaborative study involving over 3,000 security professionals?

  • NIST Framework
  • ISO OSI model
  • The National Vulnerability Database
  • ISO/IEC 27000

Explanation: There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.

Notify of

Inline Feedbacks
View all comments